Washington D.C. -- (AFPS)
-- October 27, 2011 – The commander of U.S. Cyber Command called for increased
collaboration among the government, industry and America’s allies in developing
more defensible networks to confront escalating global cyber threats.

Firewalls, routers, antivirus software and intrusion detection systems are
designed to identify and block specific cyber-intruder signatures, Alexander
said. The problem, he noted, is that adversaries have the ability to scan the
networks, exploit vulnerabilities and use them to gain access.

“It’s like the Maginot Line,” Alexander explained, referring to the
fortifications France built along its border with Germany after World War I with
hopes of preventing another cross-border attack. Germany responded during World
War II by doing the unexpected: attacking instead through the Ardennes Forest.

“That’s the same thing that happens in your network,” Alexander said, noting in
cyberspace adversaries have “all the advantages.” They can scan networks, he
said, and identify what software is being run, and pounce when they identify a
vulnerability.

“That’s the dynamic we have to change,” Alexander said. “We are the guys who
helped create the Internet. We are the ones that built that. We ought to be the
first ones to secure it.”

The White House’s International Strategy for Cyberspace and Defense Department
strategy represent a start in that direction, Alexander said. But he emphasized
that developing more defensible systems isn’t something the Defense Department
or any other entity can do alone.

It requires government agencies working as a team, he said, while also working
with industry and U.S. allies and partners.

“When we talk cyber, we talk a team sport,” Alexander said. “It’s all of us
operating as a team to defend the country in cyberspace, with the right legal
authorities.”

Alexander cited the explosion of network communications around the world. As of
March 31, 30 percent of the world population had access to the Internet. During
2010, 107 trillion emails were sent -- that’s 294 billion per day. By 2015, he
said, it’s predicted that there will be twice as many Internet devices as people
on the planet.

Such growth, the general said, has created vulnerabilities which leave no sector
immune -- from hackings at well-respected companies such as Nasdaq, RSA Security
and Booz Allen Hamilton to denial-of-service attacks in Estonia, Georgia and
elsewhere.

For every company that recognizes it has been hacked, Alexander said, hundreds
more don’t.

Among the costs is a huge loss of intellectual property through what Alexander
called “the greatest transfer of wealth in history.” But the bigger fear, he
said, is that disruptive attacks will turn destructive.

Alexander noted initiatives under way that show promise in countering these
growing threats. For example, he said, “cloud” computing delivers shared
resources and software through virtual routers, machines and networks [and]
enables faster server updates and more agile responses than legacy databases.

Meanwhile, a pilot program in which the Defense Department shares classified
threat intelligence with industry is helping to increase military cyber defenses
and preventing enemy intrusions into other sensitive government networks.

“The intent is to push signatures to the Internet service providers and protect
vulnerabilities,” he said. “We are having success with that.”

Lauding progress in network protections, Alexander emphasized that they can’t
come at the cost of civil liberties and privacy rights.

“We should demand that we get both,” he said. “In my opinion, we can do that. We
can protect civil liberties and privacy and come up with a defensive program
that we can defend this country and our companies in cyberspace.”

Defending a New Domain : The Pentagon's Cyberstrategy, by
William J.
Lynn III, U.S. Deputy Secretary of Defense, and Nicholas Thompson, in
Foreign Affairs, September 28. 2011. Deputy Secretary of Defense William
Lynn discusses the various new strategies used by the Pentagon to identify
information technology threats, combat cyber warfare, and protect U.S.
infrastructure.